Cyber security news for all

More

    Decathlon database was discovered on an unsecured server

    French sports retail giant Decathlon is the latest major brand to disclose user data through a misconfigured database, leaking over 120 million records, including customer and employee information.

    The database was discovered on an unsecured server. It contained information from Decathlon’s European companies. Leaked data includes employee usernames, unencrypted passwords and personally identifiable information including social security numbers and cell phone numbers.

    Cybercriminals Could Use Corporate Logins To Spy On Businesses

    The positions and workplaces of employees are spread across the database are their own physical home addresses. This could lead to angry ex-employees or angry customers tracking them down and threatening their physical safety and well-being. Decathlon claims that despite the large number of records in the database, only a small percentage are actually users. The unsecured database was discovered on February and the company was notified a few days later. It took action almost immediately and closed public access to the database.

    This is not the first time that sensitive data has been leaked through an unprotected server. Among other things, data was exposed from 20 million people and from customers of well known hotel chains. The database would have contained everything that malicious hackers would theoretically need – to gain access to bank accounts. The data could also be used for sophisticated phishing campaigns or identity theft.

    This is a real treasure trove for hackers. Because Decathlon database contains practically everything that a malicious hacker would theoretically need to take over accounts and gain access to private and even proprietary information. At the moment it is only certain that data from employees were affected. There is also the possibility that data from Decathlon was stored in the database. The Decathlon team has not checked all of the data records contained in the database.

    Recent Articles

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Vodafone experiences a vulnerability with fatal effects

    The injected JavaScript can access the session cookies from Vodafone website and send them to a server. An attacker can take over the session...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox